China's Android Market "is a big deal" the first Trojan horse application

A report by Symantec, the world's leading security manufacturer, has detected two applications for the latest Android signature vulnerabilities, from China's legitimate third-party Android app Market, 24.07,-0.20,-0.82%.     Symantec predicts that attackers will continue to exploit this vulnerability to infect unsuspecting users. July 15, the newspaper published "Android users, you have a big event!" "A article, exposing the vast majority of users have not been found in the latest Android loopholes to prevent, once the loophole was exploited by lawless elements, the user's mobile phone will be fully controlled, personal privacy, data face full disclosure.     At the time, domestic experts predicted that a week later the outlaws might start attacking.     According to Symantec's published application software screenshot, the infected application is called "Doctor's Appointment", which is an app that helps users to book their registration.     A reporter in the Android market search found that doctors to book the app "Doctor" and "normal edition" two applications, in the domestic Android Market, pea Pod and other mainstream Android Third-party application market can be downloaded.     Symantec said that by embedding code in the two apps, the attackers could steal information such as IMEI and phone numbers and manipulate the sending of billing information, and, if possible, allow attackers to disable some of the security software applications provided by China Mobile by controlling their phones.     At the same time, the reporter found that in google (882.27,-3.08,-0.35%) official application of the market Google Play has not found the application, it is reported that Google Play has been under the shelves of several sections of the image of the application of this vulnerability, the current official application of the market is not infected applications. According to the information provided by the "Doctor's appointment" app, the software developer comes from Shenzhen Panorama Information Technology Co., Ltd., the relevant person in charge explained to the reporter, "we notify an Android user by SMS or email to download the bug patch in time to help the user solve the problem." This (APP) version has just been released less than 10 days, the user is not much, the actual impact on users is very small. Sho Zi Ai, a senior researcher at the Cheonan Laboratory, told reporters that the domestic security community was watching the loophole closely and monitoring its potential for extensive use. "The current reminder to consumers is that after the mobile phone manufacturers released patches, please take the initiative for their own Android phone, otherwise please try to Google's official Google Play and the credibility of a good application market to download." ”